Vwar v1.5.0 <= Sql Injection and XSS vuln.
IHST > Iran HackerZ Security Team (WhiteHat Part)
-------------------------------------------------
Vendor : www.vwar.de
vuln. Version = v1.5.0 and lower
Credits : MFox
Contact : mfoxhacker@xxxxxxxxx
HomePage : www.hackerz.ir
-------------------------------------------------
Proof of Concept
Http://[Target]/[Path]/war.php?page=[SQL] & [XSS]
-------------------------------------------------
Gr33tZ :
S3rv3r_Hack3r - Hessam-X - BlOod_MoOn - Rs_VB - Rh_b_H - S433d_Only_LinuX -
saTTar_li
-------------------------------------------------